Paul Winkeler wrote:
On May 15, 2015, at 11:10, Daniel Kahn Gillmor <[email protected]> wrote:If I compromise your secret key, the nicest possible thing i can do with it is get it revoked. There is no reason to prevent this action from anyone who has access to the secret key.Isnt this a means to effect a denial of service attack?
Yes.But if an attacker has the private key you definitely want to stop the service using the accompanying public key cert. Because if you provide a TLS secured service you somewhat promise to the user that the traffic cannot be intercepted.
=> full ack with Rich's statement here Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
